What is claimed is: 

1 1. A method comprising: 

2 identifying a firmware upgrade request by a firmware program; 

3 retrieving a file signed with a private key; 

4 validating the file with a public key; 

5 upgrading a portion of the firmware program by the firmware 

6 program; and 

7 locking a device storing the firmware program such that a second 

8 portion of the firmware program is not readable. 

1 2. The method of claim 1, further comprising: 

2 validating the public key; and 

3 retrieving a second public key from the firmware program if the 

4 public key is not valid. 

1 3. The method of claim 1, identifying a firmware upgrade request by a 

2 firmware program further comprising: 

3 reading a flag, wherein the flag is located in a non-volatile medium; 

4 and 

5 determining that the flag is set. 

1 4. The method of claim 3, further comprising: 

2 deleting the file; and 

3 clearing the flag. 

1 5. The method of claim 1, further comprising: 

2 determining that the file is not authentic; and 

3 locking the device. 
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1 6. The method of claim 1, further comprising: 

2 locking the device after upgrading a portion of the firmware 

3 program by the firmware program. 

1 7. The method of claim 1, wherein the second portion of the firmware 

2 program is a public key. 

1 8. A method comprising: 

2 identifying an upgrade request for a firmware program of a system; 

3 upgrading a first public key of the firmware program; 

4 receiving an interruption of power to the system; and 

5 using a second public key to subsequently upgrade the firmware 

6 program. 

1 9. The method of claim 8, further comprising: 

2 retrieving a file signed by a private key from the system; and 

3 authenticating the file with the second public key. 

1 10. The method of claim 9, further comprising: 

2 locking the device such that a portion of the firmware program is 

3 not readable. 
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1 11. The method of claim 10, locking the device such that a portion of the 

2 firmware program is not readable further comprising locking the device such that 

3 the public keys are not readable. 

1 12. The method of claim 9, further comprising: 

2 locking the device such that the public keys are not writable. 

1 13. A system comprising: 

2 a file signed by a private key; 

3 a device for storing a program, wherein the device may lock access 

4 to the program; and 

5 a firmware program stored in the device, which, upon execution: 

6 determines that an upgrade flag is set; 

7 retrieves the file; 

8 validates the file using a public key; 

9 upgrades a portion of the firmware program; and 

10 locks the device such that the a portion of the firmware 
n program is not readable. 

l 14. The system of claim 13, wherein the portion is the public key. 

1 15. The system of claim 13, wherein the firmware program further clears the 

2 upgrade flag. 

l 16. The system of claim 13, further comprising: 
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2 a persistent storage, wherein the file is located in the persistent 

3 storage. 

1 17. The system of claim 13, further comprising: 

2 a network interface for connecting the system to a network, 

3 wherein the file is retrieved from the network. 

1 18. The system of claim 13, the firmware program comprises a second portion 

2 further comprising: 

3 a minimal boot portion; 

4 a signature authentication portion; and 

5 a write device portion. 

1 19. The system of claim 13, wherein the portion of the firmware program 

2 further comprises: 

3 a hardware initialization portion; 

4 an operating system loader portion; and 

5 a device lock-out portion. 

1 20. The system of claim 18, wherein the portion of the firmware program 

2 further comprises: 

3 the public key; and 

4 a backup public key. 

l 21. The system of claim 13, wherein the device is a flash memory. 
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1 A system comprising: 

2 a file signed by a private key; and 

3 a firmware program comprising a permanent portion and an 

4 upgradable portion, wherein the upgradable portion includes a first public key 

5 and a second public key, the firmware program further: 

6 identifies a request to upgrade the firmware program; 

7 experiences an interruption in execution during an upgrade 

8 of the first public key; and 

9 upgrades the firmware program using the second public key 

10 once the interruption in execution is complete. 

1 22r. The system of claim 21, further comprising an upgrade flag with which the 

2 firmware program identifies the request to upgrade the firmware program. 

1 The system of claim 22, wherein the interruption in execution is due to a 

2 power loss to the system. 

1 A The system of claim 22 further comprising a device for storing the 

2 firmware program wherein the device is locked such that the public keys are not 

3 writable after the firmware program is upgraded. 

1 The system of claim 22, further comprising a device for storing the 

2 firmware program wherein the device is locked such that the public keys are not 

3 readable after the firmware program is upgraded. 
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1 2&. An article comprising a medium storing instructions for enabling a 

2 processor-based system to: 

3 identify a firmware upgrade request by a firmware program; 

4 retrieve a file signed with a private key; 

5 validate the file with a public key; 

6 upgrade a portion of the firmware program by the firmware 

7 program; and 

8 lock a device storing the firmware program such that the public key 

9 is not readable. 

1 <5 2£. The article of claim 26, further storing instructions that enable the 

2 processor-based system to: 

3 validate the public key; and 

4 retrieve a second public key from the firmware program if the 

5 public key is not valid. 

1 .28. The article of claim 27, further storing instructions that enable the 

2 processor-based system to: 

3 determine that the file is not authentic; and 

4 lock the device. 

1 -29. An article comprising a medium storing instructions for enabling a 

2 processor-based system to: 

3 identify an upgrade request for a firmware program of a system; 
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4 upgrade a first public key of the firmware program; 

5 receive an interruption of power to the system; 

6 use a second public key to subsequently upgrade the firmware 

7 program. 



1 -30-. The article of claim 29, further storing instructions that enable the 

2 processor-based system to: 

3 retrieve a file signed by a private key from the system; and 

4 authenticate the file with the second public key. 
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